Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(vulnerable-code): Fix search for Go package vulnerabilities
For Go packages, both the namespace and name may contain path segments separated by a "/" character. The purl specification requires these "/" characters to be percent-encoded in the namespace and name components of a purl. The VulnerableCode bulk-search API is unable to handle these percent-encoded "/" characters, resulting in no vulnerability records being returned. This bugfix decodes any percent-encoded "/" characters just before making the VulnerableCode query to ensure proper functionality. Fixes oss-review-toolkit#9298 Signed-off-by: Wolfgang Klenk <[email protected]>
- Loading branch information